Search results for cyber fraud | Breaking Cybersecurity News | The Hacker News

The Senate Judiciary Committee Chairman ' Patrick Leahy ' reintroduced a revamped version of the " Personal Data Privacy and Security Act " for tough criminal penalties for hackers, that he originally authored in 2005. During last Christmas Holidays, a massive data breach had occurred at the shopping giant  Target,  involving hack of 40 million credit & debit cards, used to pay for purchases at its 1500 stores nationwide in the U.S. Reason: "Target Data Breach? Seriously"?  In a statement, as published below, the Senator wrote: "The recent data breach at Target involving the debit and credit card data of as many as 40 million customers during the Christmas holidays is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our Nation" It seems that the  TARGET Breach  was scheduled, as the best opportunity to ramp u...

The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats. The information combines data from the platform's surveillance of the Surface, Deep, and Dark Web with insights derived from the in-depth research and investigations conducted by the Threat Intelligence team. Discover the full scope of digital threats in the Axur Report 2023/2024. Overview In 2023, the cybersecurity landscape witnessed a remarkable rise in cyberattacks.  One notable shift was the cyber risk integration with business risk, a concept gaining traction in boardrooms worldwide. As the magnitude of losses due to cyberattacks became evident, organizations started reevaluating their strategies.  Geopolitical factors played a significant role in shaping information security. The conflicts between nations like Russia and Ukraine had ripple effects, influencing the tactics of cybercriminals. It was a year where external factors intertwined with digital threats....

The U.S. government on Wednesday announced the formation of a new Civil Cyber-Fraud Initiative that aims to hold contractors accountable for failing to meet required cybersecurity requirements in order to safeguard public sector information and infrastructure. "For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it,"  said  Deputy Attorney General Monaco in a press statement. "Well that changes today, [and] we will use our civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards — because we know that puts all of us at risk." The Civil Cyber-Fraud Initiative is part of the U.S. Justice Department's (DoJ) efforts to build resilience against cybersecurity intrusions and holding companies to task for deliberately providing deficient cybersecurity products or ...

Before Ransomware, Click fraud was one of the popular and efficient ways for cybercriminals to make money and with the explosive growth in the size of the online threats it is still making its way on the Internet. " Click-Fraud " is the practice of deceptively clicking on search ads with the intention of either increasing third-party website revenues or exhausting an advertiser's budget. Besides the search results, we all have seen advertisements placed in the search engine's WebPage. If the visitor clicks the Ad, the advertiser has to pay a fee to the search engine. A problem that has arisen with pay-per-click is results in Click-Fraud. The term " fraud " is used because in either case, the advertiser is paying for a click without receiving any true value. Of course, the number of clicks has to be large enough in order to gain a considerable amount of money, and in order to do that an attacker can use an automated script or malicious program to simulate multiple clicks b...

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh Afzar Arman (DAA), as well as the Iranian nationals Alireza Shafie Nasab, Reza Kazemifar Rahman, Hossein Mohammad Harooni, and Komeil Baradaran Salmani. "These actors targeted more than a dozen U.S. companies and government entities through cyber operations, including spear-phishing and malware attacks," the Treasury Department  said . Concurrent with the sanctions, the U.S. Department of Justice (DoJ)  unsealed  an indictment against the four individuals for orchestrating cyber attacks targeting the U.S. government and private entities. Furthermore, a  reward of up to $10 ...

A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups. Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky. He was extradited to the U.S. from Poland on August 9, 2024, to face charges related to international computer hacking and wire fraud schemes. "J.P. Morgan and his associates are elite cyber criminals who practiced extreme operational and online security in an effort to avoid law enforcement detection," the NCA said in a statement. These individuals, the agency said, were responsible for the development and distribution of ransomware strains such as Reveton and Ransom Cartel , as well as exploit kits like Angler . Reveton, introduced in 2011, has been described as the "first ever ransomware-as-a-service business model." V...

As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You Earlier this year, threat researchers at Cybersixgill released the annual report,  The State of the Cybercrime Underground .  The research stems from an analysis of Cybersixgill's collected intelligence items throughout 2022, gathered from the deep, dark and clear web. The report examines the continuous evolution of threat actors' tactics, tools, and procedures (TTPs) in the Digital Age – and how organizations can adapt to reduce risk and maintain business resilience. This article summarizes a few of the report's findings, including trends in credit card fraud, observations about cryptocurrency, AI developments and how they're lowering barriers to entry to cybercrime, and the rise of cybercriminal "as-a-service" activities. Further below, I also discuss the need for a new security approach, combining attack surface management (ASM) and cyber threat intelligence (CTI) to ...

Cyber crime enterprise is showing a growing interest in monetization of botnets , the most targeted sector in recent months is banking. One of most active malware that still menaces Banking sector is the popular Zeus . Zeus is one of the oldest, it is active since 2007, and most prolific malware that changed over time according numerous demands of the black-market. Recently, Underground forums are exploded the offer of malicious codes, hacking services and bullet proof hosting to organize a large scale fraud. Cyber criminals are selling kits at reasonable prices or entire botnets for renting, sometimes completing the offer with information to use during the attacks. The model described, known also as a Fraud-as-a-Service , is winning, malicious code such as Zeus, SpyEye , Ice IX, or even Citadel have benefited of the same sales model, cyber criminals with few hundred dollars are able to design their criminal operation. Since now the sales model and the actor invol...

I frequently receive emails and messages on how to hack my friend's Facebook account , how to become a hacker, how to penetrate networks , how to break into computers, and how to compromise routers? These are some of the most frequent queries I came across, and in this article I'll attempt to answer these along with a solution on how to get started as a beginner. Before we begin, first let's know… ...What is Ethical Hacking? Most people want to learn hacking just for fun to hack into their friend's Facebook account or Gmail. Remember, Hacking is a skill and if you are here for the same reason, sadly but this platform may not work for you. Ethical hacking is testing the IT resources for a good cause and the betterment of technology. Ethical hackers are none other than computer security experts and researchers who focus on penetration testing and weaknesses in the organization's information systems they associated. A way to become an ethical hacker is to get C...

Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe . As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28 arrests were made in Seville, along with three others in Madrid, two in Málaga, and one in Barcelona. "The criminal network is known for its involvement in a wide range of criminal activities, including cyber-enabled fraud, drug trafficking, human trafficking and prostitution, kidnapping, armed robbery and fraudulent spiritual practices," Europol said in a statement. It's estimated that the criminal network is responsible for fraud resulting in damages exceeding €5.93 million ($6.9 million). In addition to the arrests, authorities have frozen €119,352 ($138,935) in bank accounts and seized €66,403 ($77,290) in cash during house searches. Black Axe is assessed to be a hier...

Srinagar: A Nigerian national is under the scanner of Jammu and Kashmir Police while four other persons have been arrested in the first case of cyber bank fraud in the Kashmir Valley. Four persons, including two residents of Mumbai, were arrested last week in connection with a case of bank fraud caused by cyber hacking, in which Rs 3.25 lakh were swindled from three accounts in Kashmir. "It is the first case of its kind in the Valley. The first cyber related bank fraud case carried out in Kashmir by using tampered credit cards which are cloned and linked," said Senior Superintendent of Police (SSP), Srinagar, Ashiq Bukhari. The case could lead to a breakthrough in busting a "huge nexus involved in bank frauds across the country or may be outside the country," he said. On December 30, police received a complaint from a local jeweller that a "fraudulent" digital transaction worth Rs 1.35 lakh had been made from his shop. "Investigation revealed that a l...

Google, the FBI, ad-fraud fighting company WhiteOps and a collection of cyber security companies worked together to shut down one of the largest and most sophisticated digital ad-fraud schemes that infected over 1.7 million computers to generate fake clicks used to defraud online advertisers for years and made tens of millions of dollars in revenue. Dubbed 3ve (pronounced "Eve"), the online ad-fraud campaign is believed to have been active since at least 2014, but its fraudulent activity grew last year, turning it into a large-scale business and earning their operators more than $30 million in profit. Meanwhile, the United States Department of Justice (DoJ) also unsealed Tuesday a 13-count indictment against 8 people from Russia, Kazakhstan, and Ukraine who allegedly ran this massive online advertising scheme. The 3ve botnet scheme deployed different tactics, such as creating their own botnets, creating fake versions of both websites and visitors, selling fraudulent...